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Remarks 



3 Claims 1 - 27 are pending. 
4 

5 Claim Rejections - 35 USC § 101 

6 

7 35 U.S.C. 101 reads as follows: 

8 Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 

9 matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
1 0 conditions and requirements of this title. 

11 

12 Claims 8, 9, 12 - 15, 17 are rejected under 35 U.S.C. 101 because the 

13 claimed invention is directed to non-statutory subject matter. 

14 

15 Regarding claim 8, it is a device claim wherein the language "comprising a 

16 cryptographic module" allows the claim to be implemented solely in software 

17 (Specification, lines 21, 22). It is therefore rejected under 35 U.S.C. 101 as not being 

18 tangible. 
19 

20 Regarding claims 9, 12-15, and 17, they are rejected because they do not 

21 further include by necessity any hardware in view of claim 8. They are therefore 

22 rejected under 35 U.S.C, 101 as not being tangible. 
23 

24 
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1 Claim Rejections - 35 USC § 102 

2 

3 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 

4 form the basis for the rejections under this section made in this Office action: 

5 A person shall be entitled to a patent unless - 

6 (b) the invention was patented or described in a printed publication in this or a foreign country or in public 

7 use or on sale in this country, more than one year prior to the date of application for patent in the United 

8 States. 
9 

10 

1 1 Claims 1, 3, 5, and 6 are rejected under 35 U.S.C. 102(b) as being 

1 2 anticipated by Caputo et al., "Pocket Encrypting and Authenticating 

13 Communications Device", U.S. Patent 5,778,071. 

14 

1 5 Regarding claim 1 , Caputo et al. discloses a method of authenticating 

16 communications, the method comprising: 

1 7 using a mobile communications device, which includes a cryptographic module 

1 8 for use in mobile communication, as an authentication token (Caputo et al., Col. 2, lines 

1 9 23-27; Col. 3, lines 33-38, 46-50). 
20 

21 Regarding claim 3, Caputo et al. discloses: 

22 the use of the mobile communications device as an authentication token includes 

23 using public key encryption of communications (Caputo et al. , Col. 1 , lines 27-39; Col. 

24 11, lines 18-59). 
25 

26 
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1 Regarding claim 5, Caputo et al. discloses: 

2 the mobile communications device is used as an authentication token for a 

3 computer, and authenticates communications between the computer and an 

4 authentication server (Caputo et al., Fig. 3, elem. 38; Fig. 5A, elem. 57; Col. 5, lines 15- 

5 20; Col. 13, lines 4-67). The computer or protected communications facility performs 

6 the function of an "authentication server" by authenticating the identity of a device/user. 
7 



8 Regarding claim 6, Caputo et al. discloses: 

9 providing a wired connection between the mobile communications device and the 
10 computer (Caputo et al., Col. 6, lines 41-61). 

11 
12 

1 3 Claim Rejections - 35 USC § 103 

14 

1 5 The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

1 6 obviousness rejections set forth in this Office action: 

17 (a) A patent may not be obtained though the invention is not identically disclosed or described as set 

1 8 forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 

1 9 the prior art are such that the subject matter as a whole would have been obvious at the time the 

20 invention was made to a person having ordinary skill in the art to which said subject matter pertains. 

2 1 Patentability shall not be negatived by the manner in which the invention was made. 
22 

23 Claims 2, 4, 8, 9, 12, 14 - 27 are rejected under 35 U.S.C. 103(a) as being 

24 unpatentable over Caputo et al. as applied to claims 1 , 3, 5, and 6 above, further 

25 in view of Grimm et al., "Portable Computer Stored Removable Mobile 
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1 Telephone", U.S. Patent 5,907,815, and further in view of Geiger et al., "Secure 

2 Wireless Electronic-Commerce System with Wireless Network Domain", U.S. 

3 Patent 6,463,534 B1. 

4 Caputo et al. discloses a mobile communications device, comprising a 

5 cryptographic module, which is used as a token for authenticating a user and for 

6 encrypting communications (Caputo et al., Col. 2, lines 23-27; Col. 3, lines 33-38, 46- 

7 50; Fig. 2). The device sends communications to a recipient by wired telephonic means 

8 (Caputo et al., Fig. 2, elem. 14; Col. 16, lines 40-45; Col. 17, lines 3-7). Caputo et al, 

9 however, does not disclose that the device sends the communications by wireless 

10 means, or that the device is enabled to use the enhanced wireless security of the 

1 1 Wireless Application Protocol. 

12 Grimm et al. discloses a mobile communications device ("wireless phone") that is 

13 enabled to send communications from a user of a connected computer via wireless 

14 telephonic means (Grimm et al., Col. 12, lines 12-33; Fig. 7; Fig. 9). 

1 5 Thus it would have been obvious to one of ordinary skill in the art to combine the 

16 wireless mobile communication feature of Grimm et al. with the mobile communication 

17 device of Caputo et al. because it is apparent that the ability to operate wirelessly would 

18 enhance a communication device designed to be mobile and portable. 

19 Geiger et al., discloses a wireless device and system used to send secure 

20 wireless transactions using the Wireless Application Protocol (Geiger et al., Col 2, lines 

21 49-65; Col. 9, lines 22-53). As disclosed by Geiger et al., WAP is a convenient protocol 

22 to use with wireless communications, chosen for its security. 



Application/Control Number: 09/928,491 Page 6 

Art Unit: 2137 

1 Thus, it would have been obvious to one of ordinary skill in the art to combine the 

2 use of the Wireless Application Protocol and system of Geiger et al. with the 

3 combination of Caputo et. al. and Grimm et al. because it is obvious that a wireless 

4 mobile communication device designed for authenticated and encrypted 

5 communications would be enhanced by the use of a communication protocol and 

6 system that features increased wireless security. 
7 



8 Regarding claim 2, the combination of Caputo et al., Grimm et al., and Geiger et 

9 al., disclose: 

10 the mobile communications device is a WAP-enabled device (Geiger et al., Fig. 

11 1 , Col. 9, lines 22-53). As disclosed, the device is WAP-enabled since it communicates 

1 2 using the WAP protocol. 
13 

14 Regarding claim 4, the combination of Caputo et al., Grimm et al., and Geiger et 

15 al., disclose: 

1 6 the mobile communications device uses the> cryptographic module for Wireless 

17 Transport Layer Security communications (Geiger et al., Col. 2, lines 49-65; Col. 6, lines 

18 55-58; Col. 9, lines 22-53). As disclosed, communication security, the functionality 

19 provided by the cryptographic module, is accomplished using WTLS communications. 
20 
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1 Regarding claim 8, the combination of Caputo et al., Grimm et al., and Geiger et 

2 al., disclose a mobile communications device, comprising a cryptographic module, the 

3 cryptographic module being useable: 

4 for encoding wireless communications from the device (Caputo et al., Col. 2, 

5 lines 23-27); 

6 for authenticating a user of the device towards an authentication server (Caputo et al., 

7 Fig. 3, elem. 38; Fig. 5A, elem. 57; Col. 5, lines 15-20; Col. 13, lines 4-67). The 

8 computer or protected communications facility performs the function of an 

9 "authentication server" by authenticating the identity of a device/user. 
10 

1 1 Regarding claim 9, the combination of Caputo et al., Grimm et al., and Geiger et 

12 al. disclose the cryptographic module being usable for authenticating a user of a 

13 separate computer towards an authentication server (Caputo et al., Fig. 3, elems. 22, 

14 38; Fig. 5A, elem. 57; Col. 5, lines 15-20; Col. 13, lines 4-67). The computer or 

15 protected communications facility performs the function of an "authentication server" by 

16 authenticating the identity of a device/user. 
17 

18 Regarding claim 12, the combination of Caputo et al., Grimm et al., and Geiger et 

19 al. disclose the cryptographic module is usable to support wireless communications 

20 using Wireless Transport Layer Security (Geiger et al., Col. 2, lines 49-65; Col. 6, lines 

21 55-58; Col. 9, lines 22-53). As disclosed, communication security, the functionality 

22 provided by the cryptographic module, is accomplished using WTLS communications. 
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1 Regarding claim 14, the combination of Caputo et al., Grimm et al., and Geiger et 

2 al. disclose the cryptographic module uses public key cryptography (Caputo et al., Col. 

3 1 , lines 27-39; Col. 1 1 , lines 1 8-59). 
4 

5 Regarding claim 15, the combination of Caputo et al., Grimm et al., and Geiger et 



6 al. disclose means for sending and transmitting data using WAP (Geiger et al., Fig. 1 , 

7 Col. 9, lines 22-53). As disclosed, the device is WAP-enabled since it communicates 

8 using the WAP protocol. 
9 

10 Regarding claim 16, the combination of Caputo et al., Grimm et al., and Geiger et 

11 al. disclose the cryptographic module is realized in hardware in the device (Caputo et. 

12 al., Col. 8, lines 34-55; Col. 9, lines 28-45). As disclosed, the cryptographic module, the 

13 cryptographic component(s), may be either software or hardware. 
14 



15 Regarding claim 17, the combination of Caputo et al., Grimm et al., and Geiger et 

16 al. disclose the cryptographic module is realized in software in the device (Caputo et. 

17 al., Col. 8, lines 34-55; Col. 9, lines 28-45). As disclosed, the cryptographic module, the 

1 8 cryptographic component(s), may be either software or hardware. 

19 Regarding claim 18, the combination of Caputo et al., Grimm et al., and Geiger et 

20 al. disclose the cryptographic module is provided on an external smart card (Caputo et. 

21 al., Col. 10, lines 19-31, 51-59; Col. 13, lines 4-10, 25-67). As disclosed, the 
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1 cryptographic module, the cryptographic component(s), may be provided on an external 

2 smart card. 
3 

4 Regarding claim 19, the combination of Caputo et al., Grimm et al., and Geiger et 

5 al. disclose the cryptographic module comprises a Wireless Identity Module (WIM) card 

6 (Geiger et. al., Col. 1 1 , line 64 - Col. 12, line 8). As disclosed, the cryptographic 

7 module, the cryptographic/authentication component(s), may comprise a WIM card. 
8 

9 Regarding claim 20, the combination of Caputo et al., Grimm et al., and Geiger et 

10 al. disclose the cryptographic module comprises a Wireless Identity Module (WIM) card 

1 1 which allows communications using Wireless Transport Layer Security (Geiger et. al., . 

12 Col. 11, line 64 - Col. 12, line 8). As disclosed, the WIM card provides an interface for 

1 3 using the WAP security layer (WTLS). 
14 



15 Regarding claim 21 , it is rejected for the same reasons as claims 1 and 2. 

16 

17 Regarding claim 22, the combination of Caputo et al., Grimm et al., and Geiger et 

18 al. disclose a communications network, comprising: 

1 9 at least one WAP gateway, which is enabled to encrypt communications on the 

20 basis of Wireless Transport Layer Security (Geiger et al., Figs. 1 , 4; Col. 6, lines 49-64; 

21 Col. 9, lines 21-53); 
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1 at least one authentication server operable in a first authentication protocol 

2 (Caputo et al., Fig. 3, elem. 38; Fig. 5A, elem. 57; Col. 5, lines 15-20; Col. 13, lines 4- 

3 67). The computer or protected communications facility performs the function of an 

4 "authentication server" by authenticating the identity of a device/user. 

5 a WAP-enabled client device, including a cryptographic module, the 

6 cryptographic module being usable for encrypting communications with the WAP 

7 gateway using the Wireless Transport Layer Security, and the cryptographic module 

8 being further usable as an authentication token for authenticating a user of the device 

9 towards the authentication server, using the first authentication protocol (Geiger et al., 

10 Col. 2, lines 49-65; Col. 6, lines 55-58; Col. 9, lines 22-53; Col. 2, lines 23-27; Col. 3, 

11 lines 33-38, 46-50). As disclosed, encrypted communications, functionally provided by 

12 the cryptographic module, are accomplished by the device using WTLS. Furthermore, 

1 3 the device is used as a token for authenticating a user of the device towards a 

14 authentication server. 
15 

16 Regarding claims 23 - 26, they are system claims related to device claims 16 - 

17 19, and are rejected for the same reasons. 
18 

19 Regarding claim 27, it is rejected for the same reasons as claims 1 , 2, 5, and 22. 

20 

21 

22 
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1 Claims 7, 10, and 11 are rejected under 35 U.S.C. 103(a) as being 

2 unpatentable over the combination of Caputo et al., Grimm et al., and Geiger et al. 

3 as applied to claims 1 - 6, 8, 9, 12, and 14-27 above, further in view of Ericsson, 

4 "Bluetooth - A Global Specification for Wireless Connectivity". 

5 

6 Regarding claims 7, 10, and 11, the combination of Caputo et al., Grimm et al., 

7 and Geiger et al. disclose a wired connection between the device and the computer 

8 (Caputo et al., Col. 6, lines 41-61). They do not disclose a wireless connection or 

9 connection via a short-range transceiver incorporating Bluetooth wireless technology. 

10 Ericsson discloses the obvious use of wireless connections between devices 

1 1 (Ericsson, Page 1). Bluetooth, a short-range radio technology allows for the 

12 replacement of wired connections - "facilitating protected" wireless connections 

13 between mobile devices. As disclosed, Bluetooth technology can be used to replace 

14 "the cumbersome cable used today to connect a laptop to a cellular telephone". 

1 5 It would be obvious to one of ordinary skill in the art to combine the secure 

16 feature of wireless short-range radio connection and Bluetooth technology of Ericsson 

17 with the combination of Caputo et al., Grimm et al., and Geiger et al. because it is 

1 8 apparent that the ability to securely operate wirelessly would enhance a 

19 security/communication device designed to be mobile and portable. 
20 

21 
22 
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1 Claim 13 is rejected under 35 U.S.C. 103(a) as being unpatentable over the 

2 combination of Caputo et al., Grimm et al., and Geiger et al. as applied to claims 1 

3 - 6, 8, 9, 12, and 14 - 27 above, further in view of Gullman et al., "Biometric Token 

4 For Authorizing Access to a Host System". 

5 Regarding claim 13, the combination of Caputo et al., Grimm et al., and Geiger et 

6 al. disclose a mobile communications device that is used as a token. Also disclosed, is 

7 that biometric information may be used to identify a user (Caputo et al., Col. 1 , lines 45- 

8 67). However, it does not disclose specifically that a mobile communications device 

9 could have means for allowing the biometric identification of a user. 

10 Gullman et al., describes a mobile communications device having means for 

1 1 allowing the biometric identification of a user (Gullman et al., Col. 2, lines 48-65). 

12 Gullman et al. discloses that the additional means for allowing the biometric 

13 identification of a user, increases the security of a key-based token. 

14 It would have been obvious to one of ordinary skill in the art to combine the 

15 means for allowing the biometric identification of Gullman et al. with the mobile 

16 communications device of Caputo et al., Grimm et al., and Geiger et al. because it is 

17 obvious that a device designed securely authenticate a user would be enhanced by 

1 8 more secure methods of authentication. 
19 

20 
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1 Claims 1-27 are rejected under 35 U.S.C. 102(a) as being unpatentable 

2 over Nordman, "Secure Access Method, and Associated Apparatus, for 

3 Accessing a Private IP Network", U.S. Patent 6,061,346. 
4 

5 Regarding claims 1 - 27, they are rejected for the reasons provided in the 



6 International Search Report (HL76382/004/KM) on 1 1/9/2001 in response to application 

7 no. PCT/EP 01/08320. 
8 

9 



10 Conclusion 

11 

12 The following prior art made of record and not relied upon is considered pertinent 

13 to applicant's disclosure. 

14 a. Seiderman, "Portable Cellular Telephone With Credit Card Debit System", 

15 U.S. Patent 5,850,599. 

16 b. Wang, "Portable Electronic Authorization Devices and Methods Therefor", - 

17 U.S. Patent 5,917,913. 

18 c. Muftic, "Smart Token System for Secure Electronic Transactions and 

19 Identification", U.S. Patent 5,943,423. 

20 d. Muftic, "Secure World Wide Electronic Commerce Over an Open Network", 

21 U.S. Patent 5,850,442. 

22 d. "WAP White Paper", AU-System, February 1999. 
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1 

2 Any inquiry concerning this communication or earlier communications from the 

3 examiner should be directed to Williams Jeffery whose telephone number is (571) 272- 

4 7965. The examiner can normally be reached on 8:30-5:00. 

5 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

6 supervisor, Caldwell Andrew can be reached on (571) 272-3868. The fax phone 

7 number for the organization where this application or proceeding is assigned is (703) 

8 872-9306. 

9 Information regarding the status of an application may be obtained from the 

10 Patent Application Information Retrieval (PAIR) system. Status information for 

1 1 published applications may be obtained from either Private PAIR or Public PAIR. 

12 Status information for unpublished applications is available through Private PAIR only. 

13 For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

14 you have questions on access to the Private PAIR system, contact the Electronic 

15 Business Center (EBC) at (866) 217-9197 (toll-free). 

17 

18 ANDREW CALDWELL 

SUPERVISORY PATENT EXAMINER 

19 



